lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <45795.1304640286@localhost>
Date:	Thu, 05 May 2011 20:04:46 -0400
From:	Valdis.Kletnieks@...edu
To:	Greg KH <greg@...ah.com>
Cc:	Kay Sievers <kay.sievers@...y.org>,
	linux-kernel <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH] reboot: disable usermodehelper to prevent fs access

On Thu, 05 May 2011 14:34:58 PDT, Greg KH said:
> On Thu, May 05, 2011 at 05:24:25PM -0400, Valdis.Kletnieks@...edu wrote:
> > On Thu, 05 May 2011 13:32:05 +0200, Kay Sievers said:
> > > In case CONFIG_UEVENT_HELPER_PATH is not set to "", which it
> > > should be on every system
> >
> > If it indeed should be that on every system, shouldn't it be listed
> > in feature-removal-schedule.txt?
>
> It's the default value, but distros, and people, can and do override it
> for various reasons.  Why would it be added to
> feature-removal-schedule.txt?

Well, what Kay said was "it should be on *every* system", making it sound like
it's an option past its shelf life.  Certainly, "the default should be null for
the vast majority of systems" is a different scenario.

> > Does anybody have a running list of "Stuff we set by default at one time, but
> > no longer recommend"?

> Look at the default values for different configurations options and why
> they differ in your system is about the only way that I know of, sorry.

Hmm.. I suspect diffconfig will only get me part of the way there.  Maybe what
I *need* to do is find a 2.6.25-ish x86_64 defconfig, the current one, diff those, and
then see what changed (as opposed to truly new config flags), and then see
how many of those changes do/don't show up in *my* config as well..

Maybe that would be a good project for some #kernelnewbie to look at ;)
"In my copious free time" ;)


Content of type "application/pgp-signature" skipped

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ